Unable to open VM web console for some VMs in VMware Cloud Director
search cancel

Unable to open VM web console for some VMs in VMware Cloud Director

book

Article ID: 372620

calendar_today

Updated On:

Products

VMware Cloud Director

Issue/Introduction

  • When opening the VM web console in VMware Cloud Director (VCD) it gets immediately disconnected 
  • In the /opt/vmware/vcloud-director/logs/console-proxy.log, you have entries as below:

    YYYY-MM-DD TIME | ERROR    | pool-jetty-452519         | ServerWebSocket                | Connecting to ESX esxi.exampl.com [server: [L=/##.##.##.##:443 R=/##.##.##.##:57424]] [client: [id: 0xbd9c6d44, L:/##.##.##.##:53232 ! R:esxi.exampl.com/##.##.##.##:443]] |io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
    .....
    Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Environment

VMware Cloud Director 10.x

Cause

ESXi certificates are not trusted in VMware Cloud Director.
This can happens if an ESXi certificate was recently renewed or expired.

Resolution

Establish the trust for each ESXi hosts reported in the error in /opt/vmware/vcloud-director/logs/console-proxy.log following the documentation Test the Connection to a Remote Server and Establish a Trust Relationship